Category: Security Alert


Beware: Smishing Scams Impersonating UA Leadership

We want to bring to your attention a concerning trend that has been on the rise recently: smishing scams impersonating UA leadership. “Smishing” is a term used to describe phishing scams that occur via SMS or text messages. These fraudulent messages may appear to be from President Bell or another university official, and they often…


Stay Sharp While Using AI 

As AI grows in popularity, staying aware of potential risks and challenges associated with these powerful technologies is essential.  AI undoubtedly provides significant value to daily tasks and research, but it is crucial to exercise caution and diligence when leveraging AI products. The data input into these tools is often used to train future AI…


Email Forwarding

The University of Alabama has a policy in place to ensure the security of its digital communications and data. The policy requires adherence to the minimum security standards, which state employees, contractors, and non-student affiliates are explicitly prohibited from configuring mail clients to automatically forward UA email to personal accounts or other companies or institutions without prior,…


June 5 Phishing Email

On Monday, June 5, many UA students, faculty and staff received a scam email. The subject of the message could be “Now Hiring for Summer Employment” or a variation related to employment, and it appears to be from a Winthrop University email about “The Dimax Centre for Disability Services Council.” This is not a message…


May 9 Social Media Warning

On Tuesday, May 9, someone who appears to be a former student posted on the Alabama Student Ticket Exchange Facebook page, offering to make a master list for students’ class assignments. Remember to NEVER give out your MyBama login information or CWID to someone on the internet.


LastPass Breach – Password change required

Many faculty, staff, and students utilize LastPass as a password management tool to store passwords in an encrypted environment.  On December 22, LastPass informed its customers of a potential cyber security incident that could compromise the passwords stored in their accounts. LastPass discovered that in November 2022, a copy of the customer password vaults had…


OIT to Implement Additional Email Security in January 2023

Beginning in January 2023, OIT will implement new email security features to help students, faculty and staff better recognize phishing emails. These new security measures utilize mailbox intelligence and recognize email user patterns. Outlook will provide safety tips for inbound mail that comes from new or unusual senders. Below is a screenshot example. The mailbox…


Simulated Phishing

This fall, OIT will begin sending simulated phishing emails to UA students, faculty and staff. The simulated phishing emails will imitate real phishing emails to better equip UA community members to recognize phishing attacks. Learn more on the OIT website.


July 18 Phishing Email

On Monday, July 18, many UA students, faculty and staff received a scam email. The subject of the message was “NOTICE BY ADMIN VERIFY YOUR OFFICE 365”. This is not a message from UA or Microsoft Office 365. If you received this message, please mark it as spam in Outlook. If you have any questions,…


July 16 Phishing Email

On Saturday, July 16, many UA students, faculty and staff received a scam email. The subject of the message was “MEMO FROM HR”. This is not a message from UA Human Resources or Microsoft Office 365. If you received this message, please mark it as spam in Outlook. If you have any questions, contact the…